(1) Field of the Invention
The present invention relates to an encryption technology used as an information security technology, and especially to a technology for detecting errors that occur in decrypting.
(2) Description of the Related Art
As data communication using a computer technology or a communication technology becomes widespread, cryptocommunication systems are becoming prevalent. Cryptocommunication enables data communication without revealing the communications to a third party who is not an intended party.
Cryptosystems are used for realizing the cryptocommunication systems. In cryptosystems, an authentic encryption key is used in applying an encryption algorithm to plaintext for generating ciphertext, and an authentic decryption key is used in applying a decryption algorithm to the ciphertext for generating decrypted text. In some cryptosystems, there is a possibility of generating decrypted text which is different from original plaintext. Hereinafter, the phenomena in which generated decrypted text is different from its original plaintext is referred to as a “decryption error,” and the cryptosystem in which this decryption error occurs is referred to as a “decryption error vulnerable cryptosystem.”
One example of the above-mentioned decryption error vulnerable cryptosystems is a NTRU cryptosystem. The NTRU cryptosystem, simply put, generates ciphertext by encrypting plaintext by using random numbers as parameters and an encryption key, and generates decrypted text by decrypting the ciphertext by using a decryption key. This cryptosystem, which uses random numbers as parameters, has a chance of obtaining different ciphertext from the same plaintext.
For a detailed description of the NTRU cryptosystem, please refer to Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman, “NTRU: Aringbasedpublic key cryptosystem,” Lecture Notes in Computer Science, 1423, pp. 267–288, Springer-Verlag, 1998.
In the cryptocommunication system using the NTRU cryptosystem, there is a possibility of obtaining different decrypted text from the original plaintext. Therefore, intended information is not insured to be transmitted to the receivers.